Query to detect LDAP injections in Java

Cleanup

java/ql/src/Security/CWE/CWE-90/LdapInjectionLib.qll

@@ -6,7 +6,6 @@ import semmle.code.java.frameworks.UnboundId
 import semmle.code.java.frameworks.SpringLdap
 import semmle.code.java.frameworks.ApacheLdap
 
-
 /** Holds if the parameter of `c` at index `paramIndex` is varargs. */
 bindingset[paramIndex]
 predicate isVarargs(Callable c, int paramIndex) {
@@ -129,18 +128,15 @@ class SpringLdapInjectionSink extends LdapInjectionSink {
       ) and
       (
         // Parameter index is 1 (DN or query) or 2 (filter) if method is not authenticate
-        (
         index in [0 .. 1] and
         not m instanceof MethodSpringLdapTemplateAuthenticate
-        ) or
+        or
         // But it's not the last parameter in case of authenticate method (last param is password)
-        (
         index in [0 .. 1] and
         index < m.getNumberOfParameters() - 1 and
         m instanceof MethodSpringLdapTemplateAuthenticate
       )
     )
-    )
   }
 }
 

java/ql/src/semmle/code/java/frameworks/ApacheLdap.qll

@@ -23,7 +23,5 @@ class TypeApacheSearchRequest extends Interface {
 
 /** The class `org.apache.directory.api.ldap.model.name.Dn`. */
 class TypeApacheDn extends Class {
-  TypeApacheDn() {
-    this.hasQualifiedName("org.apache.directory.api.ldap.model.name", "Dn")
-  }
+  TypeApacheDn() { this.hasQualifiedName("org.apache.directory.api.ldap.model.name", "Dn") }
 }

java/ql/src/semmle/code/java/frameworks/SpringLdap.qll

@@ -9,7 +9,9 @@ import semmle.code.java.Member
 /*--- Types ---*/
 /** The class `org.springframework.ldap.core.LdapTemplate`. */
 class TypeSpringLdapTemplate extends Class {
-  TypeSpringLdapTemplate() { this.hasQualifiedName("org.springframework.ldap.core", "LdapTemplate") }
+  TypeSpringLdapTemplate() {
+    this.hasQualifiedName("org.springframework.ldap.core", "LdapTemplate")
+  }
 }
 
 /** The class `org.springframework.ldap.query.LdapQueryBuilder`. */